Cookie Notice | Flathead Valley Directory

Reading time: A few minutes. Plain summary: How the Flathead Valley Directory uses cookies and browser storage.

1. Summary

The Flathead Valley Directory does not use marketing cookies, analytics cookies, or tracking pixels. We use a small amount of browser storage to keep account holders signed in.

2. What We Use

Local storage for authentication. When you sign in, the Supabase authentication library stores a session token in your browser's local storage so you do not have to sign in on every page. Signing out or deleting your account removes this token. The token is not a tracking cookie and is not shared with third parties.

Form session state. Some forms, like the multi-step submission flow, may briefly hold incomplete entries in memory while you fill them out. Nothing is stored once you finish, cancel, or close the page.

The directory does not set cookies for analytics, advertising, retargeting, or cross-site tracking.

3. Third-Party Services

The directory loads a small number of third-party assets from external networks. These requests reveal your IP address and user agent to the third party, in line with how the web normally works.

Google Fonts (fonts.googleapis.com, fonts.gstatic.com) serves the Sora and Outfit typefaces. Google may log requests in line with its own privacy policy.
OpenStreetMap (tile.openstreetmap.org) serves the map tiles displayed on profile pages with location enabled. The OpenStreetMap Foundation may log tile requests in line with its own privacy policy.
jsDelivr (cdn.jsdelivr.net) delivers the Supabase JavaScript client library used for sign-in and live data access, and the Cropper.js library used on the submission form for image cropping. jsDelivr may log requests in line with its own privacy policy.
YouTube and Vimeo When a business listing includes embedded videos, those videos are loaded from YouTube (via the privacy-enhanced www.youtube-nocookie.com domain) or Vimeo. The video player iframe contacts the host only after you click play; until then, no tracking cookies are set by the video provider. Once you click play, the provider's own privacy practices apply.
Supabase handles authentication, database queries, and file storage. Requests include the data needed for the function you are using.
Netlify hosts the directory and keeps standard server logs.
Google Maps opens in a new tab when you click "Get Directions" on a listing with a public address. Once you leave the directory, Google's own tracking applies.

Server-side, the directory uses Resend (resend.com) to send transactional email notifications. This is a server-to-server integration; your browser does not make any request to Resend.

A current, public list of all sub-processors is maintained at our Subprocessors page.

4. Your Controls

You can clear your browser's local storage and cookies at any time using your browser's privacy settings. Doing so will sign you out of the directory if you have an account. Most browsers also allow you to block specific third-party domains; this may break map and font rendering.

5. Changes

If we ever change our use of cookies or browser storage, we will update this notice and adjust the effective date.

6. Contact

Questions: clint@skyvaultmedia.co.